Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c49f435-d4b8-4748-9d0a-a33d3916c6cd.roa
File:                     0c49f435-d4b8-4748-9d0a-a33d3916c6cd.roa (raw, json)
Hash identifier:          i51Fq9dgTow+BpdvqYMCxSq1R4Ltqhop8s4xcZP2FAg=
Subject key identifier:   56:6A:15:A9:3D:4B:50:FF:30:6B:FB:5E:2D:55:33:4A:C2:81:BC:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       54F06EFDB7D8CE6F2BF899C7C751F4112CC70C69
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c49f435-d4b8-4748-9d0a-a33d3916c6cd.roa
Signing time:             Fri 10 Oct 2025 14:06:41 +0000
ROA not before:           Fri 10 Oct 2025 14:06:41 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        75.22.224.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:f0:6e:fd:b7:d8:ce:6f:2b:f8:99:c7:c7:51:f4:11:2c:c7:0c:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 14:06:41 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=aab27f0cafda3908d869179fc260bb6a8f3d9eea760ff2b998e80c835d49eb1b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:c8:ba:5f:6a:bc:6d:53:c0:de:d1:dd:2f:ba:
                    13:c7:f0:d2:d9:05:18:54:e6:7e:92:a4:40:ae:0a:
                    b2:f8:ed:46:ce:ec:cd:13:3a:b5:da:a9:69:20:cc:
                    19:e4:ef:e5:d5:d1:3d:13:d0:49:e9:cd:c3:ba:c3:
                    29:42:8d:5d:0b:83:7a:e6:ac:85:7e:99:ce:a6:ff:
                    e5:16:9a:66:39:77:5f:2b:d0:16:82:31:fe:2c:ba:
                    95:0f:2c:4c:71:50:da:09:1d:03:5d:95:91:8d:e2:
                    4f:7e:0f:14:03:f6:28:63:16:fb:fd:4f:7b:fe:f3:
                    41:28:e5:1f:9f:43:58:20:aa:03:0a:94:c0:d0:94:
                    6a:50:d0:6b:10:b1:82:1d:74:c5:69:1b:53:50:27:
                    85:e0:3f:31:ca:ac:24:d2:da:24:7c:62:87:03:dd:
                    b6:6e:3e:2d:03:6a:11:1e:df:70:17:9e:e2:c2:6c:
                    ba:c3:51:75:d9:33:8d:35:f0:7a:76:ce:47:52:cf:
                    9b:48:84:43:56:8f:14:15:4d:f2:39:a4:b1:e9:08:
                    8d:77:b2:3d:e9:6b:e2:49:b9:cc:9a:41:de:80:df:
                    53:83:9b:ea:10:e1:52:d5:ae:4c:56:82:f8:fd:a9:
                    95:08:7e:29:85:f9:0f:53:f3:d4:8c:67:2c:57:1d:
                    bf:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:6A:15:A9:3D:4B:50:FF:30:6B:FB:5E:2D:55:33:4A:C2:81:BC:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c49f435-d4b8-4748-9d0a-a33d3916c6cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.22.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c0:4d:6f:4a:16:c2:3e:ab:5d:d4:3f:72:1e:25:a0:30:c5:66:
         26:86:a4:de:ed:1f:43:ba:c5:28:94:cd:05:be:d0:5c:04:f6:
         0f:66:8e:c4:74:2a:5c:7c:5f:ab:32:82:e6:e7:88:80:14:9b:
         d4:fa:07:d5:cf:f5:ea:a4:87:49:ae:97:69:e0:c4:06:1f:dd:
         dd:5e:8f:5d:53:e5:5f:45:63:6a:0e:45:e7:7c:5c:fe:f8:ef:
         1c:af:2a:f6:b4:07:20:9f:20:09:91:dd:62:d4:39:65:be:18:
         bd:12:6c:7f:b4:0b:ce:7d:b9:c4:5a:93:cd:86:af:6d:d9:76:
         62:07:eb:5c:f5:ce:fc:f0:c1:91:62:e9:2f:35:24:93:d4:97:
         b3:1c:94:54:db:85:ae:cb:38:60:dc:be:c5:7e:be:fc:ea:08:
         59:e7:6b:7b:16:5c:1f:3f:c8:71:9b:fa:60:79:8b:d5:d1:63:
         1e:0b:1e:92:3d:85:1d:09:1a:79:58:c5:61:cc:e6:44:12:2d:
         ed:b3:93:cb:ef:51:b1:44:63:ef:df:e0:be:58:fb:bd:6d:14:
         ab:9d:4f:be:96:4c:70:8d:49:dd:f8:49:14:f4:c9:28:66:47:
         e4:e6:85:68:98:3f:d4:37:72:55:a5:74:2c:ac:a0:d3:c3:9a:
         d6:e1:e8:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVPBu/bfYzm8r+JnHx1H0ESzHDGkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMTQwNjQxWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYWIyN2YwY2FmZGEzOTA4ZDg2OTE3OWZjMjYwYmI2YThm
M2Q5ZWVhNzYwZmYyYjk5OGU4MGM4MzVkNDllYjFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDyyLpfarxtU8De0d0vuhPH8NLZBRhU5n6SpECuCrL47UbO
7M0TOrXaqWkgzBnk7+XV0T0T0EnpzcO6wylCjV0Lg3rmrIV+mc6m/+UWmmY5d18r
0BaCMf4supUPLExxUNoJHQNdlZGN4k9+DxQD9ihjFvv9T3v+80Eo5R+fQ1ggqgMK
lMDQlGpQ0GsQsYIddMVpG1NQJ4XgPzHKrCTS2iR8YocD3bZuPi0DahEe33AXnuLC
bLrDUXXZM4018Hp2zkdSz5tIhENWjxQVTfI5pLHpCI13sj3pa+JJucyaQd6A31OD
m+oQ4VLVrkxWgvj9qZUIfimF+Q9T89SMZyxXHb/BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVmoVqT1LUP8wa/teLVUzSsKBvBkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjNDlmNDM1LWQ0YjgtNDc0OC05ZDBhLWEzM2QzOTE2YzZjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVLFuAwDQYJKoZIhvcNAQELBQADggEBAMBNb0oWwj6rXdQ/ch4loDDFZiaG
pN7tH0O6xSiUzQW+0FwE9g9mjsR0Klx8X6sygubniIAUm9T6B9XP9eqkh0mul2ng
xAYf3d1ej11T5V9FY2oORed8XP747xyvKva0ByCfIAmR3WLUOWW+GL0SbH+0C859
ucRak82Gr23ZdmIH61z1zvzwwZFi6S81JJPUl7MclFTbha7LOGDcvsV+vvzqCFnn
a3sWXB8/yHGb+mB5i9XRYx4LHpI9hR0JGnlYxWHM5kQSLe2zk8vvUbFEY+/f4L5Y
+71tFKudT76WTHCNSd34SRT0yShmR+TmhWiYP9Q3clWldCysoNPDmtbh6Jg=
-----END CERTIFICATE-----